Windows 7 security - Which system works best?

So this is where you AV folk hang out huh?

I'm in the market for some security software for a new computer, but know next to nothing about it. I have searched endlessly for a good review of recent software but haven't found anything recent or credible. I was hoping somebody could give me some pointers of things to look for?

This site did a quiz of my usage and recommended Bit Defender. How does Bit Defender stack up to others, and in particular Norton and Mcafee, or freebies like avast. Is it worth forking out the dough?

My new laptop is running Windows 7 PRO 64 bit, with 500GB drive, but I don't want anything that's going to clog up all the resources. My last laptop was running avast but I found that it was too slow and things were still falling through the cracks. And even though the scanners were picking up the viruses they were having trouble deleting them.

I don't really have any need for parental control or spam filtering (thanks to google). But I do want to ensure privacy and security, and my web browser (chrome) does the phishing, right? I don't mind forking out the dough if I'm getting the security, but which package is going to give me the best?

PS. The links in the Newbies FAQ are all broken... Someone might want to look into that

No single AV is going to get everything. Even if you have the most up to date signatures, someone can re-encode an old piece of malicious code, and get it past most of the AV products out there. I used to swear by AVG, but it seems to have turned into somewhat of a resource hog... When I am booted to Windows at home [which is rare anymore], I use Avast. It seems to function pretty well, with Windows 7 64b. And the price is right. Though, I also scan with Malware Bytes Anti-Malware, and Spybot S&D on occasion, just to check for stragglers.

Most infections can be mitigated with common sense though. Be careful what you click on, which attachments you open, which sites you allow javascript/flash for. NEVER USING PDFs.

Or you could just get a Mac, because it is impossible to write malicious code for them. [Sorry, couldn't resist.]

"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."

1. the finest security product on the face of the Planet is the human brain. Unfortunately, a lot of people don't seem to activate it when using their computers.

2. All multi-functional security products (suites) are resource hogs to a greater or lesser extent.

3. As westin says, no one product will find everything.

On that note, there was a competition a while back where teams were given 10 current malwares and had to obfuscate them so they got past at least a dozen of the leading security products. At least one team got all of them through, which means they had developed 10 zero-day items in the space of 8 hours!

I use the following products (all free):

1. Avira: AntiVir personal

I like this one because it is more configurable than most of its rivals. It has recently been updated and now, when I log-on, it pops up a little nag screen telling me that I am logged-in as Administrator.

2. Spybot Search & Destroy

This is an on demand scanner so it does not take up resource in normal use. Set it to "advanced mode" and check out the various tools that come with it. It also has an immunization and realtime scanning capability called "Teatimer"

3. SpywareBlaster

This is complementary to Spybot, and only runs when you are running activeX applications.

4. Malwarebytes' Anti-malware, A-Squared

These are two on demand scanners that pick up a variety of items that others might not.

5. Tall Emu's "OnlineArmor"

This is a very powerful tool that you will probably find a real pain in the butt. Just remember that it might just save that butt.
It is a combination of a firewall and a software/behavioural monitor. When it detects a new process about to run it asks you if it should let it.

You have the options:

i) Allow: let it run but ask again next time
ii) Trust: let it run and remember that for next time
iii) Run with reduced privileges

There is also a software installation mode, and a quick learning option when you first set it up.

OTHER STUFF:

These are really housekeeping tools but they do have security implications.

Secunia PSI (Personal Software Inspector)

This scans your system and warns you if you have applications for which there are security patches you haven't applied; or if the product is no longer supported by its vendor.

Where possible it will give you a direct link to the update site. It will also take you directly to the folder where the offending item is located, which is useful as not all products clean up after themselves, and leave vulnerable stuff sitting on your machine.

CCleaner

This cleans up residual crap from your machine, which might also be a location where malware is hiding.

[All these items run quite happily together on single core processors of 1.6~2.26Ghz, with 768~1500Mb of DDR1 RAM] so performance should not be an issue on today's machines.

Please remember that when you are scanning for and removing malware you should have administrator rights and do it in safe mode.

and my web browser (chrome) does the phishing, right?

No web browser is secure due to their very nature. And I wouldn't trust any anti-phishing software to protect me. Security products are very dangerous if they lull you into a false sense of security.

At the end of the day, YOU are your own best defence!

@westin:

Or you could just get a Mac, because it is impossible to write malicious code for them.

Well, the results vary each time they get tested, and I am always sceptical about the results of tests and reviews. At the risk of appearing cynical, I think that a lot of the results just show how good the product is at doing the test, rather than how good it is at protecting you in the real World.

MACs and Linux.............................This is a popular fallacy, as at best it is "security through obscurity" which is never a good idea. Westin was joking

Nowadays a lot of attacks are at the user application layer, so if the application will run in your environment, so probably, will the malware.

When it comes to attacks at the operating system layer (into which I would include Internet Explorer) then it is true that MAC and Linux are "safer", but only because they are nothing like as popular as Windows, so people don't write malware for them because there is lower hanging fruit.

Please get the Secunia PSI application. After you scan look at the "patched" applications section...........you will be horrified by the extent to which your installed and fully patched applications leave you vulnerable.

EDIT:

I have just checked this machine running XP pro SP3 with everything fully patched.

Secunia recognises 91 applications (which includes browser plugins/addons), and rates vulnerability from 1 to 5, where 1,2, & 3 are relatively minor, and 4 & 5 would allow a hacker full control of the machine.

Of the 91, 32 are housekeeping, utilities or security products that do not provide a viable attack vector to a remote hacker. That leaves 59 potential targets of which 38 (64%) are vulnerable, 27 (46%) of which could allow full control.

My emphasis is because the existence of a vulnerability does not mean that there is an actual exploit in the wild right now. Some may never have live exploits written for them because malware authors are percentage players.

I have worked on 2 64 bit windows 7 laptops with 4 gigs RAM...and all is well...and both are running Symantec Endpoint without any real resource issues.....and as we all know.... Symantec is a notorious resource hog.

So far I have been impressed with Endpoint....have it on several XP Pro machines...1-2 gigs RAM and have had no issues with it.

MLF

How people treat you is their karma- how you react is yours-Wayne Dyer

Yes ...surprisingly Endpoint has really given me no issues....I have disabled it and uninstalled it on problem machines thinking it was the problem...only to find out it was some acrobat shite...or video driver etc causing the issue.

I have seen resource issues with avast(free version)...specially on xp home machines..with minimal RAM....mostly just on startup

But then again...I find lately I have very little patience...specially with home machines and users that have to install every gawd dam toolbar and add on in existence ...

I make it a policy not to tell anyone I work in IT anymore....or lie and say I don't do windows

MLF


I have seen resource issues with avast(free version)...specially on xp home machines..with minimal RAM....mostly just on startup

Avast! have just released a new version. I haven't had a chance to examine it yet so I can't say if that has improved or not.

I have it on a 2.66 core2duo with 1Gb of RAM, so I am not really expecting problems.

Most problems I see with systems...is lack of RAM.
I still come across xp systems with 512MB....

Same over here....................mostly ex-corporate machines that probably didn't have a full security suite on them. The new owner then goes and buys one of these full-blown security suites and wonders why the machine is slow.

So I stuck in a 500Gb SATA drive and 512Mb of RAM then applied SP3. It made quite a difference. One thing that struck me was that it only had a 40Gb drive in it (I didn't know that they made SATA drives that small), so it must have been part of a network, possibly a thin client environment?

It came with Avast! on it................and I know that hundreds of these things have been unleashed on the unsuspecting East Yorkshire public.
Thanks for the heads up MLF

I have also seen configuration problems with security software, particularly the free versions, which tend not to give you many options. I am mainly thinking of gaming here.

I personally don't use "scan system on startup" or "scan file on closing" as I really don't see them catching much that scanning before shutting down and scanning a file on opening won't.

With a modern computer I really don't see resources as an issue; if you are having problems it is more likely to be software incompatibility and conflicts.

I only have two machines here with more than 512, and considering XP doesn't require more than 128 why would someone think they had to upgrade that? Anyone in Michigan is probably not thinking twice about RAM considering the economy in this area.